The process describes running a command on every client computer to install it into the trusted certificates store.

My question is, can I instead generate a certificate using a trusted authority (in this case our windows domain controller) and install it in the call manager. This seems better to me because all the computers will automatically trust it, without having to touch each machine.

Is it as simple as Generate CSR on call manager, create certificate on DC, upload to call manager? After uploading, can I specify that click to call should use the new trusted certificate instead of the self signed one?

And the million dollar question of course! Is there any possibility that this will break anything?

Use a real, trusted certificate for Click To Call

Is it as simple as Generate CSR on call manager, create certificate on DC, upload to call manager?

Almost except you mean tomcat, not the callmanager process. You also need to restart the Tomcat service at the end of that sequence. Be sure that your certficate template on the MS CA matches the requirements:

Use a real, trusted certificate for Click To Call

Is it as simple as Generate CSR on call manager, create certificate on DC, upload to call manager?

Almost except you mean tomcat, not the callmanager process. You also need to restart the Tomcat service at the end of that sequence. Be sure that your certficate template on the MS CA matches the requirements:

Hi All,
Are you getting this error “Installer User Interface Mode Not Supported. The installer cannot run in this UI mode. To specify the interface mode, use the -i command-line option, followed by the UI mode identifier. The value UI mode identifiers...
view more

The below trick might come handy when you have to add a new node to a cluster but you don't have or is unsure of the security password for the publisher. This procedure has been around for ages.
1) Login into the CLI of the Publisher.
...
view more